<?php 

if( !defined('Dept_Perms_class') )
{
  define('Dept_Perms_class', 'true');
  
  class Dept_Perms extends databaseData
  {
	var $fid;
	var $id;
	var $rights;
	var $file_obj;
	var $error;
	var $chosen_mode;
	var $connection, $database;
	var $error_flag = FALSE;
	
	var $NONE_RIGHT = 0;
	var $VIEW_RIGHT = 1;
	var $READ_RIGHT = 2;
	var $WRITE_RIGHT = 3;
	var $ADMIN_RIGHT = 4;
	var $FORBIDDEN_RIGHT = -1;
	var $USER_MODE = 0;
	var $FILE_MODE = 1;

	function Dept_Perms($id, $connection, $database)
	{
		$this->id = $id;  
		$this->connection = $connection;
		$this->database = $database;
	}
	function getCurrentViewOnly()
	{	
		return $this->loadData_UserPerm($this->VIEW_RIGHT);	
	}
	function getCurrentNoneRight()
	{	
		return $this->loadData_UserPerm($this->NONE_RIGHT);	
	}
	function getCurrentReadRight()
	{	
		return $this->loadData_UserPerm($this->READ_RIGHT);	
	}
	function getCurrentWriteRight()
	{	
		return $this->loadData_UserPerm($this->WRITE_RIGHT);	
	}
	function getCurrentAdminRight()
	{	
		return $this->loadData_UserPerm($this->ADMIN_RIGHT);	
	}
	function getId()
	{	
		return $this->id;				
	}
	function loadData_UserPerm($right)
	{
		$index = -1;
		$fileid_array = array();
		$query = "SELECT {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.fid FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA, {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS 
			WHERE {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.rights >= $right AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.dept_id=$this->id 
			AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA.id={$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.fid AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA.publishable=1";
		$result = mysql_query($query, $this->connection) or die("Error in querying: $query" .mysql_error());
		$llen = mysql_num_rows($result);
		while( $index< $llen ) 
		{
			list($fileid_array[++$index] ) = mysql_fetch_row($result);	
		}
		return $fileid_array;		
	}

	function canView($data_id)
	{
		$filedata = new FileData($data_id, $this->connection, $this->database);

		if(!$this->isForbidden($data_id) and $filedata->isPublishable() )
		{
			if($this->canDept($data_id, $this->VIEW_RIGHT))
				return true;
			else
				false;
		}
		return false;
	}

	function canRead($data_id)
	{
		$filedata = new FileData($data_id, $this->connection, $this->database);

		if(!$this->isForbidden($data_id) or !$filedata->isPublishable() )
		{

			if($this->canDept($data_id, $this->READ_RIGHT) or !$filedata->isPublishable($data_id) )
				return true;
			else
				false;
		}
		return false;
	}

	function canWrite($data_id)
	{
		$filedata = new FileData($data_id, $this->connection, $this->database);

		if(!$this->isForbidden($data_id) or !$filedata->isPublishable() )
		{
			if($this->canDept($data_id, $this->WRITE_RIGHT))
				return true;
			else
				false;
		}

	}

	function canAdmin($data_id)
	{
		$filedata = new FileData($data_id, $this->connection, $this->database);

		if(!$this->isForbidden($data_id) or !$filedata->isPublishable() )
		{
			if($this->canDept($data_id, $this->ADMIN_RIGHT))
				return true;
			else
				false;
		}

	}

	function isForbidden($data_id)
	{
		$this->error_flag = true; 
		$right = -1;
		$query = "SELECT $this->database.{$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.rights FROM $this->database.{$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS WHERE {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.dept_id = $this->id AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.fid = $data_id";
		$result = mysql_query($query, $this->connection) or die("Error in query" .mysql_error() );
		if(mysql_num_rows($result) == 1)
		{
			list ($right) = mysql_fetch_row($result);
			if($right == $this->FORBIDDEN_RIGHT)
				return true;
			else
				return false;
		}
		else 
		{
			$this->error = "Non-unique database entry found in $this->database.$this->TABLE_DEPT_PERMS";
			$this->error_flag = false;
			return 0;
		}	
	}
	function canDept($data_id, $right)
	{
		$query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS WHERE {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.dept_id = $this->id and {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.fid = $data_id AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.rights >= $right";
		$result = mysql_query($query, $this->connection) or die ("Error in querying: $query" .mysql_error() );
		
		switch(mysql_num_rows($result) )
		{
			case 1: return true; break;
			case 0: return false; break;
			default : $this->error = 'non-unique uid: $this->id'; break;
		}
	}
	function getPermission($data_id)
	{
	  $query = "SELECT {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.rights FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS WHERE {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.dept_id = $this->id and {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.fid = $data_id";
	  $result = mysql_query($query, $this->connection) or die("Error in query: .$query" . mysql_error() );
	  if(mysql_num_rows($result) == 1)
	  {
	    list($permission) = mysql_fetch_row($result);
	    return $permission;
	  }
	  else if (mysql_num_rows($result) == 0)
	    return 0;
	  else
	    return 'Non-unique error';
	}
  }
}
?>
